Posts filed under ‘Compliance’

We have the greatest military in the world but judging by the way the DOD has gone about implementing the Military Lending Act it is safe to say that if the military was as bad at defending us as they are at promulgating consumer protection regulations, the United States would be a protectorate of a united Korea under the leadership of great leader Kim Jong-un.

If you think I’m being too tough then perhaps you haven’t been paying attention to the latest developments. The Military Lending Act was passed by Congress in 2007 in response to wide-spread reports of abusive loan practices towards our military personnel such as pay-day loans. The basic idea is that when consumer credit is extended to a member of the military or their relatives, they are to be given additional protections. Most importantly, the Military Lending Act mandates that covered products are subject to a Military APR (MAPR) which caps the amount of interest that can be charged at 36%. Since the original regulations applied to a narrow group of products, they didn’t get all that much attention.

But then in 2015 the Department of Defense extended the coverage of regulation to most consumer loan products and placed an affirmative obligation on institutions to identify covered individuals. This was bad but at least the final regulations did not apply to car loans. Unfortunately on December 14th, the DOD gave compliance people everywhere an early Christmas present when it issued an updated Q&A in which it explained that automobile purchases generally are not considered consumer credit for purposes of the Act, but “The answer will depend on what the credit beyond the purchase price of the motor vehicle or personal property is used to finance. Generally, financing costs related to the object securing the credit will not disqualify the transaction from the exceptions, but financing credit-related costs will disqualify the transaction from the exceptions.”

In other words, if you have the audacity to offer GAP insurance to your military members you must comply with the Military Lending Act when making car loans. Try explaining that one to your software vendor.

Yesterday CUNA joined other associations in calling for the DOD to withdraw this ridiculous interpretation which contradicts the DOD’s earlier decision that car loans are not consumer credit products for purposes of the Military Lending Act. I wish I could give you more helpful advice than this but just remember that everyone is in the same boat.

DeFrancisco Runs For Governor

Quick witted, long serving Republican Senator John DeFrancisco announced on Tuesday that he would run for Governor against incumbent Andrew Cuomo. DeFrancisco joins Brian Kolb, the Republican minority leader in the Democrat-dominated Assembly, and Joel Giambra, the former Erie County executive. Here’s a good bit of trivia for you: When’s the last time a Republican won state-wide office in New York? 2002.

My Good As Gold Super Bowl Prediction

Well it’s that moment you’ve all been waiting for when I give you my Super Bowl prediction. My predictions are so good that you can actually use them as collateral under NCUA regulations. New England 27, the Eagles 14. Brady cements his legacy as the greatest quarterback of all time and after some early success, the Eagles are unable to move the ball against the Patriots. At least we can all watch bits and pieces of that ridiculous Tom Brady video.

Wine snobs everywhere got a much needed smack down from the Court of Appeals for the 10th Circuit on Friday when the Court ruled that Amex and Chase weren’t on the hook for more than a million dollars in credit card payments to purchase wine that was never delivered. I don’t know why, but I find this case extremely amusing.

Malik Hasan had purchased $689,000 using his Chase credit card and $379,000 using his Amex from Premier Cru. Cru delivered some but not most of the wine before it went bankrupt. Hasan demanded that the credit card companies refund his accounts and when they refused he sued them.

Even though you don’t deal with transactions of this size, the dispute is one that any credit card issuing credit union is familiar. Under the Fair Credit Billing Act, card holders can have disputed credit card transactions re-credited to their accounts. However, the law also limits the size of a card holder’s claim “to the amount of credit outstanding with respect to the disputed transaction at the time the card holder first notified the card issuer.”

In this case, our stiffed wine connoisseur was quite conscientious and at the time he disputed the transactions there was no outstanding credit balance on either of his cards. As a result, the court ruled that “because recovery under §1666i is limited to the amount of credit outstanding Hasen could recover nothing under the statute.”

Does this mean that the statute actually puts conscientious bill payers at a disadvantage? Arguably yes. But remember the real wrong-doer here is not the card issuer but the bankrupt wine company.

These Goodbye Tours Are Getting Out of Control

This has absolutely nothing to do with credit union land but I have to get it off my chest. I thought it was bad enough when Mariano Rivera took a year to retire from the Yankees. Now I hear that Elton John is taking three years for what he promises will be his last live tour. Now I like both Elton John and Mariano Rivera but at some point we have to put an end to these ridiculously long goodbyes. They are bordering on egomaniacal. By the way, speaking of egomaniacal, is anyone as disturbed by that bizarre Tom Brady Facebook documentary as I am? I really don’t need to know how he spends his personal time or what he has for breakfast. On that note, enjoy your day.

Credit Unions notched an important victory on Friday in their battle against ADA Website litigation. Although the decision is just binding for credit unions located in the Eastern District of Virginia, it provides important persuasive authority for credit unions to argue that their unique member only structure limits the type of people who are qualified to bring lawsuits against them.

The Northwest Federal Credit Union has a field of membership made up of current or former employees of the CIA and their family members. In contrast, the plaintiff did not allege that he was eligible to join this credit union. As the court explains, he was unable to deposit money into the credit union, obtain a loan, or get other services. Against this backdrop, the court concluded that he could make no showing that he was harmed by the credit union’s website, even if it was not ADA compliant. Crucially, the court also held that plans to visit [the website] are immaterial unless the defendant can establish that he is eligible to use “the credit union services.” Why is this statement so potentially important? Because in other contexts courts have recognized standing of parties to bring civil rights lawsuits as a means of testing compliance with Federal law.

The second major conclusion of the court was that the ADA does not apply to websites. This is an issue that is dividing Federal courts across the country and my guess is that at some point it will have to be resolved by the Supreme Court. Remember that as it stands right now, the 2nd Circuit which has jurisdiction over New York credit unions, is trending in the direction of concluding that the ADA applies to websites.

On a personal note, yours truly is just getting over the mother of all flues. If I haven’t gotten to an email or phone call, (knock on wood) I’ll be back in the office tomorrow. By the way, don’t be an idiot like me and refuse to get a flu shot when you have a chance to get one.

Just like my favorite rapper, T.I. –I’m back baby and better than ever!

If you’re anything like yours truly, you’ve been thinking more about a perfectly cooked roast with creamed spinach than you have about the increasingly bizarre intersection of politics policy and regulation. There’s been some real doozies over the last week and a half so here’s some quick hits on what you missed:

HMDA

Acting CFPB Director Mick Mulvaney is continuing to move quickly to make a decisive imprint on the CFPB. On December 31st, he announced that the Bureau did not intend to require institutions to resubmit data or assess penalties with respect to information collected in 2018 and reported in 2019 under the Home Mortgage Disclosure Act. In addition, we can expect proposed amendments to the CFPB’s regulations which greatly expanded the amount of data mortgage lenders have to collect starting yesterday.

Keep in mind folks that several of the additional data points collected under HMDA are mandated by the Dodd-Frank Act. In other words, you should still be executing your new and improved HMDA collection activities.

The Elizabeth Warren/Bernie Sanders wing of the blogosphere went apoplectic over news that the CFPB had changed its mission to combatting burdensome regulation. Perhaps they should have taken the time to read the Dodd-Frank Act which provides that one of the Bureau’s primary objectives is in fact to do away with regulations that are “outdated, unnecessary, or unduly burdensome.” Wouldn’t it be nice if someday we could have a Bureau that both protects consumers and eliminates unnecessary regulations? But that’s the spiked egg nog talking. By the way, I prefer to put bourbon in mine.

Taxes

This one was hard to miss. The final tax bill caps the Federal deduction for State and Local taxes at $10,000 which explains why downstate Suburban and Mid-Hudson Republicans voted against the bill. Much confusion was created after Governor Cuomo issued an Executive Order allowing localities to accept 2018 taxes in 2017 as a way of avoiding the increased tax hit. The DFS even issued a notice last week encouraging banks and credit unions “that include property taxes in an owner’s monthly mortgage bill or otherwise pay property taxes on behalf of owners.” I’m not quite sure how that would work as many of these taxes haven’t been assessed yet. The IRS responded with this memo putting people on notice clarifying the very limited circumstances under which property taxes can be prepaid. You can expect to hear plenty about the tax legislation in the Governor’s State of the State Address tomorrow.

Fiduciary Rule

New York’s Department of Financial Services has proposed regulation that would impose an enhanced fiduciary obligation on sellers of life insurance and annuities. The Trump Administration’s Department of Labor has delayed similar regulations from taking effect on the Federal level and the DFS is moving to fill the perceived gap. This is yet another example of how states like New York will attempt to counter balance the regulatory actions of the Trump Administration. There’s a 60 day comment period.

Important Effective Dates

The first day of the year is always an important one since many new laws take effect. Here are some of the bigger ones:

I have a lot of stuff I want to get done before going on my Christmas hiatus, so this is going to be short and sweet. There are two recently released guidance your compliance person should know about.

First, there is this joint interagency examiner guidance informing field staff how to assess a financial institution’s response to a major disaster. Let’s be honest people, the climate is acting stranger than usual and there is the unfortunate reality that your credit union and the community in which it is located could be impacted by a major disaster. How your credit union responds to these disasters is the thrust of this guidance which will be used by NCUA examiners. It stresses that examiners should assess “management’s effectiveness in responding to the changes in an institution’s bushiness markets as a result of a natural disaster and whether the institution has addressed these issues by adjusting its long-term business strategy.” In addition, examiners should expect that institutions affected by a major disaster to conduct an initial risk assessment and the ability to refine this assessment on an ongoing basis.

There is more here than meets the eye. Your institution should review this guidance and update its existing policies and procedures to reflect its concerns. You don’t want to be developing an ad hoc disaster response plan after the disaster has occurred.

A second guidance that I wanted to give you a head’s up on has to deal with our erstwhile friend, the Bank Secrecy Act (BSA). FinCEN recently announced that it had updated its ever helpful list of frequently asked BSA questions. Among the changes are an updated response to Question 16 which deals with how to report a transaction involving a government official who engages in a financial transaction greater than $10,000 as part of his or her official duties. In other words, this response would have been of no use to Elliot Spitzer.

Finally, I am pleased to report that a little less than a week ago the Federal Reserve came out with another addition of the Consumer Compliance Outlook. I was afraid that the Federal Reserve wasn’t producing these anymore which is too bad because I consider them a great resource. Typically the Reserve provides an overview of new regulations which are not so general as to be of no use to the compliance professional but not so specific as to be of little interest to the non-compliance executive.

On that note, enjoy your day and remember to follow me on Twitter @HMeierEsq. By the way, I saw The Day After Tomorrow for the first time a few weeks ago. I usually find apocalyptic adventure movies idiotic and predictable but for some reason there was something about this idiotic and predictable movie that I enjoyed.

That is the question an increasing number of credit unions have been asking the Association lately. But before I answer the question I want to set a few things straight.

First, the purpose of this blog is not to make compliance officers break in to a cold sweat, drop everything they are doing and curse European integration. It is simply to provide very high level background and encourage those of you who may be directly impacted by Europe’s pending regulations to do additional work.

Second, remember that, while I strive to provide my faithful readers with the best advice I can, this blog is no substitute for seeking out your own attorney who’s aware of the unique needs of your institution.

Yeah, yeah, yeah, Henry. Now do Europe’s data protection laws apply to my credit union? The answer is it depends on how much interactions your members have with European Union countries, the type of banking services you offer, where you store your data and what exactly you do with it. Simply put, for the United Nations Credit Union, this is a big deal. For a small credit union in Jamestown, there are a million better things to worry about. Here’s some background:

In April of 2016, the European Commission adopted greatly enhanced data protection requirements called the General Data Protection Regulation (GDPR). The regulations are designed to increase (1) Data portability – which generally means giving consumers the ability to more easily transfer their personal data from one institution to another. (2) Give consumers enhanced ability to know how their information is being used and (3) Enhance the “right to be forgotten,” which generally means mandating that companies such as Google and Amazon have the ability to remove information from the web at a member’s request. To accomplish this goal, companies that do business in the EU must demonstrate how they are going to comply with these requirements and comply with much stronger member consent mandates than we use here in the states before sharing data. Finally, they must be prepared to report data breaches within 72 hours. To accomplish all these goals they must appoint a Data Protection Officer. All this kicks in officially in May 2018.

Here’s the part that has credit unions concerned. Article 3 of the regulation stipulates that it applies “to the processing of personal data of data subjects who are in the Union by a controller or processor not established in the Union.” As drafted, the regulation applies not simply to companies located in the European Union but to companies outside the European Union that are processing information on behalf of persons in the EU. In other words, if you have a member traveling or working in the European Union who utilizes your credit union, this regulation arguably applies to your institution. This is not simply the analysis of a paranoid compliance lawyer; European regulators have said that one of the purposes of these regulations is to establish international data protection standards.

What makes this jurisdictional hook even more intriguing is that American regulators, specifically the FTC and the CFPB, seem anxious to see how they can incorporate GDPR principles into the American regulatory framework. For example, in October the CFPB finalized privacy principles which legal commentators were quick to point out were suspiciously similar to the concepts embedded in the GDPR. The FTC was even more forthright. For example, in this January 2016 speech, Julie Brill of the Federal Trade Commission explained “the GDPR is not a purely European document. Some of the key substantive provisions of the GDPR have roots in U.S. privacy law and policy. And some of the big questions left open in the GDPR that the Europeans will have to grapple with over the coming years are questions that we have been grappling with here in the U.S. for some time.”

So what, if anything, should your credit union do to prepare for this new regulatory framework which takes effect in May 2018? I’ll offer some thoughts on that question in tomorrow’s blog. In the meantime, here is a comprehensive analysis performed by the World Council Of Credit Unions. Michael Edwards and all were extremely helpful in helping me with my research.

Today I am going to get down in the weeds a little. So, grab some extra coffee before you find out about the joys of how to define a “business day” for purposes of the Truth In Lending Act and RESPA.

There are of course, a plethora of timed notice requirements in the byzantine world of mortgage finance such as the three-day right of rescission and the receipt of TRID disclosures within 3 business days of receiving an application and at least 3 business days before a closing. A business day is generally all calendar days except Sundays and federal legal holidays specified in 5 U.S.C.A §6103.

Federal law recognizes 11 days as National holidays (5 U.S.C.A §6103). 4 of those holidays specify specific dates on which they are to be celebrated (New Year’s Day, Independence Day, Veteran’s Day, and Christmas). So what do we do in those cases where a holiday celebrated on a specific date is celebrated on a day other than the day on which it falls? As luck would have it, the official interpretation to the definition of business day tells us exactly how to handle this. “When one of these holidays (July 4, for example) falls on a Saturday, Federal offices and other entities might observe the holiday on the preceding Friday (July 3). In cases where the more preciserule applies, the observed holiday (in the example, July 3) is a businessday.” 12 C.F.R. § Pt. 1026, Supp. I, Part 1, §1026.2(a)(5)

Since we’re on the subject, what should you do if your member’s credit card payment are due on the 10th of each month? The answer is more complicated than you might think. If your credit union is closed tomorrow because it celebrates Veteran’s Day on the 10th, then it must accept payment as timely if the payment is received on the next business day which could be as late as Monday.

Here’s where it gets even trickier: Even though your credit union knows well in advance what days it will not be open for business, you are still obligated to disclose the 10th as the date the payments are due on your periodic statements. Take a look at the official commentary; See 12 C.F.R. §1026.7 (b)(11)(9) for further explanation.

Incidentally, throughout this blog I am providing links from the CFPB’s eRegulations. This is the easiest way of easily sifting through the regulations and their accompanying commentary.

On that note, yours truly is taking a floater tomorrow. I’m actually headed down to God’s Country (aka Long Island) to see how the family is doing and to take a train ride into the city. Maybe we will run into each other.